Cross-Site Scripting (XSS) Vulnerability in SafeHTML's _writeAttrs Function
CVE-2005-1638 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.
Learn more about our Web Application Penetration Testing UK.